neutron-mapper/src/test/java/org/opendaylight/groupbasedpolicy/neutron/mapper/mapping/group/NeutronSecurityGroupAwareDataStoreTest.java

   1 package org.opendaylight.groupbasedpolicy.neutron.mapper.mapping.group;
   2
   3 import static org.junit.Assert.fail;
   4
   5 import org.junit.Test;
   6 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
   7 import org.opendaylight.groupbasedpolicy.neutron.mapper.mapping.rule.NeutronSecurityRuleAware;
   8 import org.opendaylight.groupbasedpolicy.neutron.mapper.mapping.rule.SecRuleDao;
   9 import org.opendaylight.groupbasedpolicy.neutron.mapper.test.ConfigDataStoreReader;
  10 import org.opendaylight.groupbasedpolicy.neutron.mapper.test.GbpDataBrokerTest;
  11 import org.opendaylight.groupbasedpolicy.neutron.mapper.test.NeutronEntityFactory;
  12 import org.opendaylight.groupbasedpolicy.neutron.mapper.test.PolicyAssert;
  13 import org.opendaylight.groupbasedpolicy.neutron.mapper.util.MappingUtils;
  14 import org.opendaylight.groupbasedpolicy.neutron.mapper.util.NeutronUtils;
  15 import org.opendaylight.neutron.spi.NeutronSecurityGroup;
  16 import org.opendaylight.neutron.spi.NeutronSecurityRule;
  17 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.common.rev140421.ContractId;
  18 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.Contract;
  19 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.EndpointGroup;
  20 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.tenants.tenant.policy.EndpointGroup.IntraGroupPolicy;
  21
  22 import com.google.common.base.Optional;
  23 import com.google.common.collect.ImmutableList;
  24 import com.google.common.collect.ImmutableSet;
  25
  26 public class NeutronSecurityGroupAwareDataStoreTest extends GbpDataBrokerTest {
  27
  28     @Test
  29     public void testAddAndDeleteNeutronSecurityGroup_noSecurityRules() throws Exception {
  30         DataBroker dataBroker = getDataBroker();
  31         SecRuleDao secRuleDao = new SecRuleDao();
  32         SecGroupDao secGroupDao = new SecGroupDao();
  33         NeutronSecurityRuleAware ruleAware = new NeutronSecurityRuleAware(dataBroker, secRuleDao, secGroupDao);
  34         NeutronSecurityGroupAware groupAware = new NeutronSecurityGroupAware(dataBroker, ruleAware, secGroupDao);
  35
  36         final String tenantId = "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa";
  37         final String secGroupId1 = "bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb";
  38         final String secGroupId2 = "cccccccc-cccc-cccc-cccc-cccccccccccc";
  39
  40         NeutronSecurityGroup secGroup1 = NeutronEntityFactory.securityGroup(secGroupId1, tenantId);
  41         NeutronSecurityGroup secGroup2 = NeutronEntityFactory.securityGroup(secGroupId2, tenantId);
  42
  43         groupAware.created(secGroup1);
  44
  45         PolicyAssert.assertTenantExists(dataBroker, tenantId);
  46         PolicyAssert.assertContractCount(dataBroker, tenantId, 0);
  47         PolicyAssert.assertEndpointGroupCount(dataBroker, tenantId, 1);
  48         PolicyAssert.assertEndpointGroupExists(dataBroker, tenantId, secGroupId1);
  49         PolicyAssert.assertNoProviderNamedSelectors(dataBroker, tenantId, secGroupId1);
  50         PolicyAssert.assertNoConsumerNamedSelectors(dataBroker, tenantId, secGroupId1);
  51         PolicyAssert.assertIntraGroupPolicy(dataBroker, tenantId, secGroupId1, IntraGroupPolicy.RequireContract);
  52
  53         groupAware.deleted(secGroup1);
  54
  55         PolicyAssert.assertTenantExists(dataBroker, tenantId);
  56         PolicyAssert.assertContractCount(dataBroker, tenantId, 0);
  57         PolicyAssert.assertEndpointGroupCount(dataBroker, tenantId, 0);
  58
  59         groupAware.created(secGroup1);
  60         groupAware.created(secGroup2);
  61
  62         PolicyAssert.assertTenantExists(dataBroker, tenantId);
  63         PolicyAssert.assertContractCount(dataBroker, tenantId, 0);
  64         PolicyAssert.assertEndpointGroupCount(dataBroker, tenantId, 2);
  65         PolicyAssert.assertEndpointGroupExists(dataBroker, tenantId, secGroupId1);
  66         PolicyAssert.assertNoProviderNamedSelectors(dataBroker, tenantId, secGroupId1);
  67         PolicyAssert.assertNoConsumerNamedSelectors(dataBroker, tenantId, secGroupId1);
  68         PolicyAssert.assertIntraGroupPolicy(dataBroker, tenantId, secGroupId1, IntraGroupPolicy.RequireContract);
  69         PolicyAssert.assertEndpointGroupExists(dataBroker, tenantId, secGroupId2);
  70         PolicyAssert.assertNoProviderNamedSelectors(dataBroker, tenantId, secGroupId2);
  71         PolicyAssert.assertNoConsumerNamedSelectors(dataBroker, tenantId, secGroupId2);
  72         PolicyAssert.assertIntraGroupPolicy(dataBroker, tenantId, secGroupId2, IntraGroupPolicy.RequireContract);
  73
  74         groupAware.deleted(secGroup2);
  75
  76         PolicyAssert.assertTenantExists(dataBroker, tenantId);
  77         PolicyAssert.assertContractCount(dataBroker, tenantId, 0);
  78         PolicyAssert.assertEndpointGroupCount(dataBroker, tenantId, 1);
  79         PolicyAssert.assertEndpointGroupExists(dataBroker, tenantId, secGroupId1);
  80         PolicyAssert.assertNoProviderNamedSelectors(dataBroker, tenantId, secGroupId1);
  81         PolicyAssert.assertNoConsumerNamedSelectors(dataBroker, tenantId, secGroupId1);
  82
  83         groupAware.deleted(secGroup1);
  84
  85         PolicyAssert.assertTenantExists(dataBroker, tenantId);
  86         PolicyAssert.assertContractCount(dataBroker, tenantId, 0);
  87         PolicyAssert.assertEndpointGroupCount(dataBroker, tenantId, 0);
  88     }
  89
  90     @Test
  91     public void testAddAndDeleteNeutronSecurityGroup_withSecurityRules() throws Exception {
  92         DataBroker dataBroker = getDataBroker();
  93         SecRuleDao secRuleDao = new SecRuleDao();
  94         SecGroupDao secGroupDao = new SecGroupDao();
  95         NeutronSecurityRuleAware ruleAware = new NeutronSecurityRuleAware(dataBroker, secRuleDao, secGroupDao);
  96         NeutronSecurityGroupAware groupAware = new NeutronSecurityGroupAware(dataBroker, ruleAware, secGroupDao);
  97
  98         final String tenantId = "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa";
  99         final String secGroupId1 = "bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb";
 100         final String secGroupId2 = "cccccccc-cccc-cccc-cccc-cccccccccccc";
 101         final String secRuleId1 = "dddddddd-dddd-dddd-dddd-dddddddddddd";
 102         final String secRuleId2 = "eeeeeeee-eeee-eeee-eeee-eeeeeeeeeeee";
 103
 104         NeutronSecurityRule secRule1 = NeutronEntityFactory.securityRuleWithEtherType(secRuleId1, tenantId,
 105                 NeutronUtils.IPv4, NeutronUtils.EGRESS, secGroupId1, null);
 106
 107         NeutronSecurityRule secRule2 = NeutronEntityFactory.securityRuleWithEtherType(secRuleId2, tenantId,
 108                 NeutronUtils.IPv4, NeutronUtils.INGRESS, secGroupId2, secGroupId1);
 109
 110         NeutronSecurityGroup secGroup1 = NeutronEntityFactory.securityGroup(secGroupId1, tenantId,
 111                 ImmutableList.of(secRule1));
 112
 113         NeutronSecurityGroup secGroup2 = NeutronEntityFactory.securityGroup(secGroupId2, tenantId,
 114                 ImmutableList.of(secRule2));
 115
 116         groupAware.created(secGroup1);
 117
 118         PolicyAssert.assertTenantExists(dataBroker, tenantId);
 119         PolicyAssert.assertContractExists(dataBroker, tenantId, secRuleId1);
 120         Optional<Contract> contract = ConfigDataStoreReader.readContract(dataBroker, tenantId, secRuleId1);
 121         PolicyAssert.assertContract(contract.get(), secRule1);
 122         PolicyAssert.assertContractCount(dataBroker, tenantId, 1);
 123         PolicyAssert.assertEndpointGroupExists(dataBroker, tenantId, secGroupId1);
 124         Optional<EndpointGroup> epGroup1 = ConfigDataStoreReader.readEndpointGroup(dataBroker, tenantId, secGroupId1);
 125         PolicyAssert.assertProviderNamedSelectors(epGroup1.get(), ImmutableSet.of(new ContractId(secRuleId1)));
 126         PolicyAssert.assertNoConsumerNamedSelectors(dataBroker, tenantId, secGroupId1);
 127         PolicyAssert.assertIntraGroupPolicy(dataBroker, tenantId, secGroupId1, IntraGroupPolicy.RequireContract);
 128         PolicyAssert.assertEndpointGroupCount(dataBroker, tenantId, 1);
 129
 130         PolicyAssert.assertClassifierInstanceExists(dataBroker, secRule1);
 131         PolicyAssert.assertActionInstanceExists(dataBroker, tenantId, MappingUtils.ACTION_ALLOW.getName());
 132
 133         groupAware.deleted(secGroup1);
 134
 135         PolicyAssert.assertTenantExists(dataBroker, tenantId);
 136         PolicyAssert.assertContractCount(dataBroker, tenantId, 0);
 137         PolicyAssert.assertEndpointGroupCount(dataBroker, tenantId, 0);
 138
 139         PolicyAssert.assertClassifierInstanceNotExists(dataBroker, secRule1);
 140         // TODO: Uncomment this when the life cycle of the Allow ActionInstance will be clarified.
 141         // PolicyAssert.assertActionInstanceNotExists(dataBroker, tenantId, MappingUtils.ACTION_ALLOW.getName());
 142
 143         groupAware.created(secGroup1);
 144         groupAware.created(secGroup2);
 145
 146         PolicyAssert.assertTenantExists(dataBroker, tenantId);
 147         PolicyAssert.assertContractExists(dataBroker, tenantId, secRuleId1);
 148         contract = ConfigDataStoreReader.readContract(dataBroker, tenantId, secRuleId1);
 149         PolicyAssert.assertContract(contract.get(), secRule1);
 150         contract = ConfigDataStoreReader.readContract(dataBroker, tenantId, secRuleId2);
 151         PolicyAssert.assertContract(contract.get(), secRule2);
 152         PolicyAssert.assertContractCount(dataBroker, tenantId, 2);
 153         PolicyAssert.assertEndpointGroupExists(dataBroker, tenantId, secGroupId1);
 154         epGroup1 = ConfigDataStoreReader.readEndpointGroup(dataBroker, tenantId, secGroupId1);
 155         PolicyAssert.assertProviderNamedSelectors(epGroup1.get(), ImmutableSet.of(new ContractId(secRuleId1)));
 156         PolicyAssert.assertConsumerNamedSelectors(epGroup1.get(), ImmutableSet.of(new ContractId(secRuleId2)));
 157         PolicyAssert.assertIntraGroupPolicy(dataBroker, tenantId, secGroupId1, IntraGroupPolicy.RequireContract);
 158         PolicyAssert.assertEndpointGroupExists(dataBroker, tenantId, secGroupId2);
 159         Optional<EndpointGroup> epGroup2 = ConfigDataStoreReader.readEndpointGroup(dataBroker, tenantId, secGroupId2);
 160         PolicyAssert.assertProviderNamedSelectors(epGroup2.get(), ImmutableSet.of(new ContractId(secRuleId2)));
 161         PolicyAssert.assertConsumerNamedSelectors(epGroup2.get(), ImmutableSet.of(new ContractId(secRuleId1)));
 162         PolicyAssert.assertIntraGroupPolicy(dataBroker, tenantId, secGroupId2, IntraGroupPolicy.RequireContract);
 163         PolicyAssert.assertEndpointGroupCount(dataBroker, tenantId, 2);
 164         PolicyAssert.assertClassifierInstanceExists(dataBroker, secRule1);
 165         PolicyAssert.assertActionInstanceExists(dataBroker, tenantId, MappingUtils.ACTION_ALLOW.getName());
 166
 167         groupAware.deleted(secGroup2);
 168
 169         PolicyAssert.assertTenantExists(dataBroker, tenantId);
 170         PolicyAssert.assertContractExists(dataBroker, tenantId, secRuleId1);
 171         contract = ConfigDataStoreReader.readContract(dataBroker, tenantId, secRuleId1);
 172         PolicyAssert.assertContract(contract.get(), secRule1);
 173         PolicyAssert.assertContractCount(dataBroker, tenantId, 1);
 174         PolicyAssert.assertEndpointGroupExists(dataBroker, tenantId, secGroupId1);
 175         epGroup1 = ConfigDataStoreReader.readEndpointGroup(dataBroker, tenantId, secGroupId1);
 176         PolicyAssert.assertProviderNamedSelectors(epGroup1.get(), ImmutableSet.of(new ContractId(secRuleId1)));
 177         PolicyAssert.assertNoConsumerNamedSelectors(dataBroker, tenantId, secGroupId1);
 178         PolicyAssert.assertIntraGroupPolicy(dataBroker, tenantId, secGroupId1, IntraGroupPolicy.RequireContract);
 179         PolicyAssert.assertEndpointGroupCount(dataBroker, tenantId, 1);
 180
 181         PolicyAssert.assertClassifierInstanceExists(dataBroker, secRule1);
 182         PolicyAssert.assertActionInstanceExists(dataBroker, tenantId, MappingUtils.ACTION_ALLOW.getName());
 183
 184         groupAware.deleted(secGroup1);
 185
 186         PolicyAssert.assertTenantExists(dataBroker, tenantId);
 187         PolicyAssert.assertContractCount(dataBroker, tenantId, 0);
 188         PolicyAssert.assertEndpointGroupCount(dataBroker, tenantId, 0);
 189
 190         PolicyAssert.assertClassifierInstanceNotExists(dataBroker, secRule1);
 191         // TODO: Uncomment this when the life cycle of the Allow ActionInstance will be clarified.
 192         // PolicyAssert.assertActionInstanceNotExists(dataBroker, tenantId, MappingUtils.ACTION_ALLOW.getName());
 193     }
 194
 195     @Test
 196     public void testConstructor_invalidArgument() throws Exception {
 197         DataBroker dataBroker = getDataBroker();
 198         SecRuleDao secRuleDao = new SecRuleDao();
 199         SecGroupDao secGroupDao = new SecGroupDao();
 200         NeutronSecurityRuleAware ruleAware = new NeutronSecurityRuleAware(dataBroker, secRuleDao, secGroupDao);
 201         assertExceptionInConstructor(null, ruleAware, secGroupDao);
 202         assertExceptionInConstructor(dataBroker, null, secGroupDao);
 203         assertExceptionInConstructor(dataBroker, ruleAware, null);
 204         assertExceptionInConstructor(null, null, null);
 205     }
 206
 207     private void assertExceptionInConstructor(DataBroker dataBroker, NeutronSecurityRuleAware secRuleAware,
 208             SecGroupDao secGroupDao) {
 209         try {
 210             new NeutronSecurityGroupAware(dataBroker, secRuleAware, secGroupDao);
 211             fail(NullPointerException.class.getName() + " expected");
 212         } catch (NullPointerException ex) {
 213             // do nothing
 214         }
 215     }
 216 }